nerdexam
(ISC)2

CISSP · Question #787

Which of the following is the MOST crucial for a successful audit plan?

The correct answer is A. Defining the scope of the audit to be performed. An audit is an independent and objective examination of an organization's activities, systems, processes, or controls to evaluate their adequacy, effectiveness, efficiency, and compliance with applicable standards, policies, laws, or regulations. An audit plan is a document that

Submitted by skyler.x· Mar 5, 2026Security Assessment and Testing

Question

Which of the following is the MOST crucial for a successful audit plan?

Options

  • ADefining the scope of the audit to be performed
  • BIdentifying the security controls to be implemented
  • CWorking with the system owner on new controls
  • DAcquiring evidence of systems that are not compliant

How the community answered

(18 responses)
  • A
    89% (16)
  • B
    6% (1)
  • C
    6% (1)

Explanation

An audit is an independent and objective examination of an organization's activities, systems, processes, or controls to evaluate their adequacy, effectiveness, efficiency, and compliance with applicable standards, policies, laws, or regulations. An audit plan is a document that outlines the objectives, scope, methodology, criteria, schedule, and resources of an audit. The most crucial element of a successful audit plan is defining the scope of the audit to be performed, which is the extent and boundaries of the audit, such as the subject matter, the time period, the locations, the departments, the functions, the systems, or the processes to be audited. The scope of the audit determines what will be included or excluded from the audit, and it helps to ensure that the audit objectives are met and the audit resources are used efficiently and effectively. Identifying the security controls to be implemented, working with the system owner on new controls, and acquiring evidence of systems that are not compliant are all important tasks in an audit, but they are not the most crucial for a successful audit plan, as they depend on the scope of the audit to be defined first.

Topics

#audit planning#audit scope#security audit#assessment methodology

Community Discussion

No community discussion yet for this question.

Full CISSP Practice